Abstract
This thesis’ major contribution is to propose an attribute-based authentication scheme (AAS). An AAS scheme is a new cryptosystem that extends the field of public key cryptography, and more precisely digital signatures. An AAS scheme allows a verifier to decide on the set of attributes (s)he would like the signer to possess. The verifier sends the request to a group of possible signers as a monotone boolean expression. Any member with sufficient attributes can sign. The scheme maintains the following properties (see the scenario in Chapter 1):
• No previous knowledge assumption: The signer and verifier may or may not have met before; therefore we cannot rely on any kind of previous knowledge.
• Unforgeable: It is hard to forge signatures and/or the proof of possession of attributes.
• Anonymous Identities: Given the signature it is hard to identify the signer.
• Unlinkable: Given two signatures it is hard to know whether the signer is the same or not.
• Traceable: Each group of potential signers has a group manager, who is the only one capable of revoking anonymity and discovering the signer’s identity. This property is meant to ensure signers do not misuse anonymity.
• Anonymous Attributes: Attribute disclosure should be kept to a minimum.
• Coalition Resistant: If a verifier requires more than one attribute from the signers, the signers should not be able to pool their individual attributes and sign as one entity.
• Separability: The tasks of different authorities should be separable and each entity should be capable of performing its task independently from others.
Different attribute-oriented authentication schemes exist in the literature; however, each of them is designed to serve a certain application, and the properties listed above have never co-existed in one scheme. The proposed scheme was constructed in three phases, each covering more properties than the one before, as described in detail in Chapter 5. We then propose a general construction that helps create an AAS scheme using a group signature (Chapter 4) and an attribute tree (Section 5.2) as building blocks. We prove that the security of the new AAS scheme created by such a construction is based on the security of the group signature scheme.
| Date of Award | 23 Apr 2009 |
|---|---|
| Original language | English |
| Awarding Institution | |
| Supervisor | Russell Bradford (Supervisor) |